Escape strings after they have been truncated.

Don't truncate strings after they have been escaped.  If you do,
there is a chance you will happen to truncate half-way through
an escape sequence, causing malformed output.

flamegraph.pl

@@ -240,17 +240,21 @@ sub flow {
 		$info = "all samples ($samples samples, 100%)";
 	} else {
 		my $pct = sprintf "%.2f", ((100 * $samples) / $timemax);
-		$func =~ s/&/&/g;
-		$func =~ s/</&lt;/g;
-		$func =~ s/>/&gt;/g;
-		$info = "$func ($samples samples, $pct%)";
+		my $escaped_func = $func;
+		$escaped_func =~ s/&/&amp;/g;
+		$escaped_func =~ s/</&lt;/g;
+		$escaped_func =~ s/>/&gt;/g;
+		$info = "$escaped_func ($samples samples, $pct%)";
 	}
 	$im->filledRectangle($x1, $y1, $x2, $y2, color("hot"), 'rx="2" ry="2" onmouseover="s(' . "'$info'" . ')" onmouseout="c()"');
 
 	if ($width > 50) {
 		my $chars = int($width / (0.7 * $fontsize));
 		my $text = substr $func, 0, $chars;
 		$text .= ".." if $chars < length $func;
+		$text =~ s/&/&amp;/g;
+		$text =~ s/</&lt;/g;
+		$text =~ s/>/&gt;/g;
 		$im->stringTTF($black, $fonttype, $fontsize, 0.0, $x1 + 3, 3 + ($y1 + $y2) / 2, $text, "",
 		    'onmouseover="s(' . "'$info'" . ')" onmouseout="c()"');
 	}